- Switch from SQLite/PVC to CNPG PostgreSQL (3 instances, low-resource)
with a transaction-mode PgBouncer pooler (2 instances)
- Raise open-webui replicas to 3 with priorityClassName: power
- Add PodDisruptionBudget (minAvailable: 1)
- Add Gateway API sessionPersistence (cookie) on the HTTPS HTTPRoute
so WebSocket connections stick to the same backend pod
- Add postgres-credentials VaultStaticSecret; DATABASE_URL must be
added to kv/kubernetes/namespace/open-webui/default/open-webui-credentials
Deploys Open WebUI (chat.k8s.syd1.au.unkin.net) into the open-webui
namespace via the aitooling ArgoCD project. Uses SQLite with a 10Gi
cephrbd PVC for persistence, routes model requests to the existing
litellm deployment, and exposes the UI through the traefik-external
gateway. Credentials (OPENAI_API_KEY, WEBUI_SECRET_KEY) are injected
via VaultStaticSecret from kv/kubernetes/namespace/open-webui/default.
Closes#155